Your space-enabled career begins here

Worker Type

Job Description

Summary

The Senior Program Manager – Enterprise CMMC is responsible for leading the organization’s end-to-end Cybersecurity Maturity Model Certification (CMMC) program, ensuring enterprise-wide certification readiness and sustained compliance. This role drives coordination across all business functions—including CIO, Facilities, Security, HR and other departments to implement required practices, mature organizational controls, and achieve certification objectives.

The position serves as the central program authority for CMMC planning, execution, and governance, translating regulatory requirements into structured enterprise initiatives while ensuring cross-functional alignment, accountability, and measurable progress toward certification and sustainment.

Position Responsibilities:

• Lead the enterprise-wide CMMC program strategy, roadmap, and execution plan to achieve and sustain required certification levels.
• Serve as the central program authority for CMMC implementation across all CIO-owned systems, applications, infrastructure, and enterprise business functions handling CUI.
• Own end-to-end program delivery including scope, integrated master schedule, milestones, dependencies, risks, financials, and certification readiness outcomes.
• Interpret CMMC practices and objectives and translate requirements into structured, actionable workstreams across IT, Engineering, Facilities, HR, Operations, Supply Chain, and other impacted departments.
• Drive enterprise scoping activities including CUI identification, asset inventory validation, boundary definition, and data flow mapping.
• Oversee implementation and validation of required technical, administrative, and physical controls to meet CMMC standards.
• Establish and govern structured evidence and artifact management processes to support third-party assessment readiness and ongoing sustainment.
• Coordinate internal readiness reviews, mock assessments, gap analyses, and remediation efforts in preparation for C3PAO evaluations.
• Monitor enterprise compliance posture, Plan of Action & Milestones (POA&M) tracking, remediation progress, and control maturity improvements.
• Provide executive-level reporting and decision support to the CIO and senior leadership regarding certification status, risks, resource needs, and contractual exposure.
• Drive cross-functional accountability for policy development, procedure updates, and operational changes required to meet CMMC requirements.
• Integrate organizational change management practices to ensure adoption of new controls, processes, and behavioral expectations across departments.
• Develop enterprise-wide communication strategies to ensure role-based awareness of CMMC responsibilities and compliance expectations.
• Partner with Learning & Development to design and track CMMC-related training and awareness initiatives.
• Identify and mitigate enterprise risks that could impact certification timelines, assessment outcomes, or contract eligibility.
• Manage relationships with external advisors, consultants, and assessors supporting CMMC readiness and certification activities.
• Establish governance structures and continuous monitoring processes to ensure long-term certification sustainment and audit preparedness.

Basic Qualifications (Required Skills & Experience):

• Bachelor’s degree in Information Systems, Engineering, Business, Compliance, or related field (or equivalent combination of education and experience).
• 12–15 years of experience leading complex, enterprise-scale programs with cross-functional scope and executive visibility.
• Direct experience supporting CMMC, NIST SP 800-171, or similar regulatory frameworks in a DoD-regulated or highly controlled environment.
• Demonstrated success leading enterprise-wide certification or regulatory readiness efforts requiring coordination across technical and non-technical departments.
• Strong understanding of CMMC domains, practices, scoping methodologies, evidence requirements, and third-party assessment processes.
• Experience driving implementation of technical, administrative, and physical control requirements.
• Proven ability to manage multi-million-dollar programs with significant organizational change and compliance impact.
• Deep knowledge of program and project management methodologies (Waterfall, Agile, hybrid) and enterprise risk management principles.
• Experience preparing for and supporting external regulatory assessments or certification audits.
• Exceptional executive communication skills with the ability to influence leaders across diverse business functions.
• Proficiency with enterprise program management tools; familiarity with GRC or compliance tracking platforms preferred.
• Travel is required.

Other Qualifications & Desired Competencies:

• Certifications such as PMP, PgMP, CISSP, CISM, CRISC, Certified CMMC Professional (CCP), or Certified CMMC Assessor (CCA) preferred.​
• Experience working in defense, aerospace, manufacturing, or other DoD-regulated industries strongly preferred.
• Strong understanding of Controlled Unclassified Information (CUI) handling requirements and secure enclave concepts.
• Ability to drive accountability and influence departments outside of direct reporting structures.
• Demonstrated ability to operate in deadline-driven environments where certification status impacts revenue and contractual eligibility.
• Strong initiative, ownership mindset, and ability to navigate ambiguity while building structured enterprise solutions.
• Committed to AV Values (Trust & Teamwork, Customer Commitment, Ownership & Results, and Innovate & Simplify) and consistently models these values in execution.
• Displays resilience, sound judgment, and a proactive approach to continuous improvement.

Physical Demands:

• Ability to work in an office environment (Constant)
• Required to sit and stand for long periods (Frequent); talk, hear, and use hands and fingers to operate a computer and telephone keyboard (Frequent)

Special Requirements:

• U.S. Citizen, U.S. Permanent Resident (Green Card holder) or asylee/refugee status as defined by 8 U.S.C. 1324b(a)(3) required.

Clearance Level

The salary range for this role is:

AeroVironment considers several factors when extending an offer, including but not limited to, the location, the role and associated responsibilities, a candidate’s work experience, education/training, and key skills.

ITAR Requirement:

This position requires access to information that is subject to compliance with the International Traffic Arms Regulations (“ITAR”) and/or the Export Administration Regulations (“EAR”). In order to comply with the requirements of the ITAR and/or the EAR, applicants must qualify as a U.S. person under the ITAR and the EAR, or a person to be approved for an export license by the governing agency whose technology comes under its jurisdiction. Please understand that any job offer that requires approval of an export license will be conditional on AeroVironment’s determination that it will be able to obtain an export license in a time frame consistent with AeroVironment’s business requirements. A “U.S. person” according to the ITAR definition is a U.S. citizen, U.S. lawful permanent resident (green card holder), or protected individual such as a refugee or asylee. See 22 CFR § 120.15. Some positions will require current U.S. Citizenship due to contract requirements.

Benefits: AV offers an excellent benefits package including medical, dental vision, 401K with company matching, a 9/80 work schedule and a paid holiday shutdown. For more information about our company benefit offerings please visit: http://www.avinc.com/myavbenefits.

We also encourage you to review our company website at http://www.avinc.com to learn more about us.

Principals only need apply. NO agencies please.

About AV:

AV isn’t for everyone. We hire the curious, the relentless, the mission-obsessed. The best of the best.

We don’t just build defense technology—we redefine what’s possible. As the premier autonomous systems company in the U.S., AV delivers breakthrough capabilities across air, land, sea, space, and cyber. From AI-powered drones and loitering munitions to integrated autonomy and space resilience, our technologies shape the future of warfare and protect those who serve.

Founded by legendary innovator Dr. Paul MacCready, AV has spent over 50 years pushing the boundaries of what unmanned systems can do. Our heritage includes seven platforms in the Smithsonian—but we’re not building history, we’re building what’s next.

If you're ready to build technology that matters—with speed, scale, and purpose—there’s no better place to do it than AV.

We are proud to be an EEO/AA Equal Opportunity Employer, including disability/veterans. AeroVironment, Inc. is an Equal Employment Opportunity (EEO) employer and welcomes all qualified applicants. Qualified applicants will receive fair and impartial consideration without regard to race, sex, color, religion, national origin, age, disability, protected veteran status, genetic data, sexual orientation, gender identity or other legally protected status.

ITAR